[Nov 12, 2025] Genuine AWS-DevOps Exam Dumps New 2025 Amazon Pratice Exam [Q291-Q312]

[Nov 12, 2025] Genuine AWS-DevOps Exam Dumps New 2025 Amazon Pratice Exam

New 2025 Realistic AWS-DevOps Dumps Test Engine Exam Questions in here

NEW QUESTION # 291
A Solutions Architect is designing a web application that is running on an Amazon EC2 instance. The
application stores data in DynamoDB. The Architect needs to secure access to the DynamoDB table.
What combination of steps does AWS recommend to achieve secure authorization? (Select two.)

• A. Attach an IAM role to the Amazon EC2 instance.
• B. Create an IAM role with permissions to write to the DynamoDB table.
• C. Attach an IAM policy to the Amazon EC2 instance.
• D. Attach an IAM user to the Amazon EC2 instance.
• E. Store an access key on the Amazon EC2 instance with rights to the Dynamo DB table.

Answer: B,E

NEW QUESTION # 292
A company is building a web and mobile application that uses a serverless architecture powered by AWS Lambda and Amazon API Gateway. The company wants to fully automate the backend Lambda deployment based on code that is pushed to the appropriate environment branch in an AWS CodeCommit repository.
The deployment must have the following:
*Separate environment pipelines for testing and production.
*Automatic deployment that occurs for test environments only.
Which steps should be taken to meet these requirements?

• A. Create an AWS CodeBuild configuration for test and production environments. Configure the production pipeline to have a manual approval step. Create one CodeCommit repository with a branch for each environment. Push the Lambda function code to an Amazon S3 bucket. Set up the deployment step to deploy the Lambda functions from the S3 bucket.
• B. Create two AWS CodePipeline configurations for test and production environments. Configure the production pipeline to have a manual approval step. Create a CodeCommit repository for each environment. Set up each CodePipeline to retrieve the source code from the appropriate repository. Set up the deployment step to deploy the Lambda functions with AWS CloudFormation.
• C. Configure a new AWS CodePipeline service. Create a CodeCommit repository for each environment.
  Set up CodePipeline to retrieve the source code from the appropriate repository. Set up a deployment step to deploy the Lambda functions with AWS CloudFormation.
• D. Create two AWS CodePipeline configurations for test and production environments. Configure the production pipeline to have a manual approval step. Create one CodeCommit repository with a branch for each environment. Set up each CodePipeline to retrieve the source code from the appropriate branch in the repository. Set up the deployment step to deploy the Lambda functions with AWS CloudFormation.

Answer: D

NEW QUESTION # 293
Which Auto Scaling process would be helpful when testing new instances before sending traffic to them, while still keeping them in your Auto Scaling Group?

• A. Suspend the process Health Check
• B. Suspend the process Replace Unhealthy
• C. Suspend the process AZ Rebalance
• D. Suspend the process AddToLoadBalancer

Answer: D

Explanation:
If you suspend Ad dTo Load Balancer, Auto Scaling launches the instances but does not add them to the load balancer or target group. If you resume the AddTo Load Balancer process. Auto Scaling resumes adding instances to the load balancer or target group when they are launched. However, Auto Scaling does not add the instances that were launched while this process was suspended. You must register those instances manually.
Option A is invalid because this just balances the number of CC2 instances in the group across the Availability Zones in the region Option B is invalid because this just checks the health of the instances. Auto Scaling marks an instance as unhealthy if Amazon CC2 or Clastic Load Balancing tells Auto Scaling that the instance is unhealthy.
Option C is invalid because this process just terminates instances that are marked as unhealthy and later creates new instances to replace them.
For more information on process suspension, please refer to the below document link: from AWS
http://docs.aws.amazon.com/autoscaling/latest/userguide/as-suspend-resume-processes.html

NEW QUESTION # 294
An Application team has three environments for their application: development, pre-production, and production. The team recently adopted AWS CodePipeline. However, the team has had several deployments of misconfigured or nonfunctional development code into the production environment, resulting in user disruption and downtime. The DevOps Engineer must review the pipeline and add steps to identify problems with the application before it is deployed.
What should the Engineer do to identify functional issues during the deployment process?
(Choose two.)

• A. Create an AWS CodeDeploy action in the pipeline with a deployment configuration that automatically deploys the application code to a limited number of instances. The action then pauses the deployment so that the QA team can review the application functionality. When the review is complete, CodeDeploy resumes and deploys the application to the remaining production Amazon EC2 instances.
• B. Add an AWS CodeDeploy action in the pipeline to deploy the latest version of the development code to pre-production. Add a manual approval action in the pipeline so that the QA team can test and confirm the expected functionality. After the manual approval action, add a second CodeDeploy action that deploys the approved code to the production environment.
• C. After the deployment process is complete, run a testing activity on an Amazon EC2 instance in a different region that accesses the application to simulate user behavior if unexpected results occur, the testing activity sends a warning to an Amazon SNS topic. Subscribe to the topic to get updates.
• D. Use Amazon Inspector to add a test action to the pipeline. Use the Amazon Inspector Runtime Behavior Analysis Inspector rules package to check that the deployed code complies with company security standards before deploying it to production.
• E. Using AWS CodeBuild to add a test action to the pipeline to replicate common user activities and ensure that the results are as expected before progressing to production deployment.

Answer: B,E

Explanation:
https://docs.aws.amazon.com/codepipeline/latest/userguide/integrations-action- type.html#integrations-test
https://docs.aws.amazon.com/codepipeline/latest/userguide/integrations-action- type.html#integrations-deploy

NEW QUESTION # 295
To access the AWS Security Token Service (STS) you can issue calls directly to the AWS STS Query API. This API is a web service interface that accepts ______ requests.

• A. HTTPS
• B. PUT
• C. POST
• D. GET

Answer: A

Explanation:
The Query API for IAM and AWS STS lets you call service actions. Query API requests are HTTPS requests that must contain an Action parameter to indicate the action to be performed.
IAM and AWS STS support GET and POST requests for all actions, that is, the API does not require you to use GET for some actions and POST for others.
Reference: http://docs.aws.amazon.com/IAM/latest/UserGuide/programming.html

NEW QUESTION # 296
A company is deploying a new mobile game on AWS for its customers around the world. The Development team uses AWS Code services and must meet the following requirements:
- Clients need to send/receive real-time playing data from the backend
frequently and with minimal latency
- Game data must meet the data residency requirement
Which strategy can a DevOps Engineer implement to meet their needs?

• A. Deploy the backend application to multiple regions. Use AWS Direct Connect to serve the application backend to global customers. Any update to the code repository triggers a two-stage build-and- deployment pipeline in the region. After a successful deployment in the region, the pipeline continues to deploy the artifact to another region.
• B. Deploy the backend application to multiple regions. Any update to the code repository triggers a two- stage build and deployment pipeline. A successful deployment in one region invokes an AWS Lambda function to copy the build artifacts to an Amazon S3 bucket in another region. After the artifact is copied, it triggers a deployment pipeline in the new region.
• C. Deploy the backend application to multiple regions. Any update to the code repository triggers a two- stage build-and-deployment pipeline in the region. After a successful deployment in the region, the pipeline invokes the pipeline in another region and passes the build artifact location.
  The pipeline uses the artifact location and deploys applications in the new region.
• D. Deploy the backend application to multiple Availability Zones in a single region. Create an Amazon CloudFront distribution to serve the application backend to global customers. Any update to the code repository triggers a two-stage build-and-deployment pipeline. The pipeline deploys the backend application to all Availability Zones.

Answer: A

NEW QUESTION # 297
You have an ELB on AWS which has a set of web servers behind them. There is a requirement that the SSL
key used to encrypt data is always kept secure. Secondly the logs of ELB should only be decrypted by a subset
of users. Which of these architectures meets all of the requirements?

• A. UseElastic Load Balancing to distribute traffic to a set of web servers. Configurethe load balancer
  toperform TCP load balancing, use an AWS CloudHSM to perform the SSLtransactions, and write
  yourweb server logs to an ephemeral volume that has been encrypted using a randomlygenerated AES
  key.
• B. UseElastic Load Balancing to distribute traffic to a set of web servers, configurethe load balancer
  toperform TCP load balancing, use an AWS CloudHSM to perform the SSLtransactions, and write
  yourweb server logs to a private Amazon S3 bucket using Amazon S3 server-sideencryption.
• C. UseElastic Load Balancing to distribute traffic to a set of web servers. Toprotect the SSL private
  key.upload the key to the load balancer and configure the load balancer to offloadthe SSL traffic. Write
  yourweb server logs to an ephemeral volume that has been encrypted using a randomlygenerated AES
  key.
  B- UseElastic Load Balancing to distribute traffic to a set of web servers. Use TCPIoad balancing on
  theload balancer and configure your web servers to retrieve the private key from aprivate Amazon
  S3bucket on boot. Write your web server logs to a private Amazon S3 bucket usingAmazon S3
  server-sideencryption.

Answer: A

Explanation:
Explanation
The AWS CIoudHSM service helps you meet corporate, contractual and regulatory compliance requirements
for data security by using dedicated Hardware Security
Module (HSM) appliances within the AWS cloud. With CIoudHSM, you control the encryption keys and
cryptographic operations performed by the HSM.
Option D is wrong with the CIoudHSM option because of the ephemeral volume which this is temporary
storage
For more information on cloudhsm, please refer to the link:
* https://aws.amazon.com/cloudhsm/

NEW QUESTION # 298
A DevOps engineer wants to find a solution to migrate an application from on premises to AWS.
The application is running on Linux and needs to run on specific versions of Apache Tomcat, HAProxy, and Varnish Cache to function properly. The application's operating system-level parameters require tuning. The solution must include a way to automate the deployment of new application versions. The infrastructure should be scalable and faulty servers should be replaced automatically.
Which solution should the DevOps engineer use?

• A. Upload the application code to an AWS CodeCommit repository with an appspec.yml file to configure and install the necessary software.
  Create an AWS CodeDeploy deployment group associated with an Amazon EC2 Auto Scaling group.
  Create an AWS CodePipeline pipeline that uses CodeCommit as a source and CodeDeploy as a deployment provider.
• B. Upload the application code to an AWS CodeCommit repository with a saved configuration file to configure and install the software.
  Create an AWS Elastic Beanstalk web server tier and a load balanced-type environment that uses the Tomcat solution stack.
  Create an AWS CodePipeline pipeline that uses CodeCommit as a source and Elastic Beanstalk as a deployment provider.
• C. Upload the application as a Docker image that contains all the necessary software to Amazon ECR.
  Create an Amazon ECS cluster using an AWS Fargate launch type and an Auto Scaling group.
  Create an AWS CodePipeline pipeline that uses Amazon ECR as a source and Amazon ECS as a deployment provider.
• D. Upload the application code to an AWS CodeCommit repository with a set of .ebextensions files to configure and install the software.
  Create an AWS Elastic Beanstalk worker tier environment that uses the Tomcat solution stack.
  Create an AWS CodePipeline pipeline that uses CodeCommit as a source and Elastic Beanstalk as a deployment provider.

Answer: C

NEW QUESTION # 299
How can you resolve a dependency Error when using Cloudformation?

• A. Usethe mappings attribute
• B. UsetheDependsOn attribute
• C. Use the Error attribute
• D. Usethe parameter attribute

Answer: B

Explanation:
Explanation
The AWS troubleshooting guide for Cloudformation states the following
To resolve a dependency error, add a DependsOn attribute to resources that depend on other resources in your template. In some cases, you must explicitly declare dependencies so that AWS Cloud Formation can create or delete resources in the correct order. For example, if you create an Elastic IP and a VPC with an Internet gateway in the same stack, the Elastic IP must depend on the Internet gateway attachment.
For more information on Cloudformation troubleshooting, please refer to the below url
http://docs.aws.amazon.com/AWSCIoudFormation/latest/UserGuide/troubleshooting.html

NEW QUESTION # 300
A company has 100 GB of log data in an Amazon S3 bucket stored in .csv format. SQL developers want to query this data and generate graphs to visualize it. They also need an efficient, automated way to store metadata from the .csv file.
Which combination of steps should be taken to meet these requirements with the LEAST amount of effort?
(Select THREE.)

• A. Use AWS Glue as the persistent metadata store.
• B. Filter the data through AWS X-Ray to visualize the data.
• C. Query the data with Amazon Redshift.
• D. Query the data with Amazon Athena.
• E. Use Amazon S3 as the persistent metadata store.
• F. Filter the data through Amazon QuickSight to visualize the data.

Answer: A,D,F

NEW QUESTION # 301
Your serverless architecture using AWS API Gateway, AWS Lambda, and AWS DynamoDB experienced a large increase in traffic to a sustained 3000 requests per second, and dramatically increased in failure rates.
Your requests, during normal operation, last 500 milliseconds on average. Your DynamoDB table did not exceed 50% of provisioned throughput, and Table primary keys are designed correctly. What is the most likely issue?

• A. Your API Gateway deployment is throttling your requests.
• B. You used Consistent Read requests on DynamoDB and are experiencing semaphore lock.
• C. Your AWS API Gateway Deployment is bottleneckingon request (deserialization.
• D. You did not request a limit increase on concurrent Lambda function executions.

Answer: D

Explanation:
Explanation
Every Lambda function is allocated with a fixed amount of specific resources regardless of the memory allocation, and each function is allocated with a fixed amount of code storage per function and per account.
By default, AWS Lambda limits the total concurrent executions across all functions within a given region to
1000.
For more information on Concurrent executions, please visit the below URL:
* http://docs.aws.amazon.com/lambda/latest/dg/co
ncurrent-executions.html

NEW QUESTION # 302
You work at a company that makes use of AWS resources. One of the key security policies is to ensure that all data is encrypted both at rest and in transit. Which of the following is not a right implementation which aligns to this policy?

• A. UsingS3 Server Side Encryption (SSE) to store the information
• B. Enable SSLtermination on the ELB
  C EnablingProxy Protocol
  D- Enablingsticky sessions on your load balancer

Answer: B

Explanation:
Explanation
Please note the keyword "NOT" in the question.
Option A is incorrect. Enabling S3 SSE encryption helps the encryption of data at rest in S3.So Option A is invalid.
Option B is correct. If you disable SSL termination on the ELB the traffic will be encrypted all the way to the backend. SSL termination allows encrypted traffic between the client and the ELB but cause traffic to be unencrypted between the ELB and the backend (presumably EC2 or ECS/Task, etc.) If SSL is not terminated on the ELB you must use Layer A to have traffic encrypted all the way.
Sticky sessions are not supported with Layer A (TCP endpoint). Thus option D" Enabling sticky sessions on your load balancer" can't be used and is the right answer For more information on sticky sessions, please visit the below URL
https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-sticky-sessions.html Requirements
* An HTTP/HTTPS load balancer.
* At least one healthy instance in each Availability Zone.
* At least one healthy instance in each Availability Zone.
If you don't want the load balancer to handle the SSL termination (known as SSL offloading), you can use TCP for both the front-end and back-end connections, and deploy certificates on the registered instances handling requests.
For more information on elb-listener-config, please visit the below
* https://docs.awsamazon.com/elasticloadbalancing/latest/classic/elb-listener-config.html If the front-end connection uses TCP or SSL, then your back-end connections can use either TCP or SSL.
Note: You can use an HTTPS listener and still use SSL on the backend but the ELB must terminate, decrypt and re-encrypt. This is slower and less secure then using the same encryption all the way to the backend.. It also breaks the question requirement of having all data encrypted in transit since it force the ELB to decrypt Proxy protocol is used to provide a secure transport connection hence Option C is also incorrect. For more information on SSL Listeners for your load balancer, please visit the below URL
* http://docsaws.amazon.com/elasticloadbalancing/latest/classic/elb-https-load-balancers.html
* https://aws.amazon.com/blogs/aws/elastic-load-balancer-support-for-ssl-termination/

NEW QUESTION # 303
A company has an application that has predictable peak traffic times. The company wants the application instances to scale up only during the peak times. The application stores state in Amazon DynamoDB. The application environment uses a standard Node.js application stack and custom Chef recipes stored in a private Git repository.
Which solution is MOST cost-effective and requires the LEAST amount of management overhead when performing rolling updates of the application environment?

• A. Create a Docker file that uses the Chef recipes for the application environment based on an official Node.js Docker image. Create an Amazon ECS cluster and a service for the application environment, then create a task based on this Docker image. Use scheduled scaling to scale the containers at the appropriate times and attach a task-level IAM role that provides permission to access DynamoDB.
• B. Create a custom AMI with the Node.js environment and application stack using Chef recipes. Use the AMI in an Auto Scaling group and set up scheduled scaling for the required times, then set up an Amazon EC2 IAM role that provides permission to access DynamoDB.
• C. Configure AWS OpsWorks stacks and use custom Chef cookbooks. Add the Git repository information where the custom recipes are stored, and add a layer in OpsWorks for the Node.js application server.
  Then configure the custom recipe to deploy the application in the deploy step. Configure time- based instances and attach an Amazon EC2 IAM role that provides permission to access DynamoDB.
• D. Configure AWS OpsWorks stacks and push the custom recipes to an Amazon S3 bucket and configure custom recipes to point to the S3 bucket. Then add an application layer type for a standard Node.js application server and configure the custom recipe to deploy the application in the deploy step from the S3 bucket. Configure time-based instances and attach an Amazon EC2 IAM role that provides permission to access DynamoDB.

Answer: D

NEW QUESTION # 304
Which of the following are not valid sources for OpsWorks custom cookbook repositories?

• A. Subversion
• B. Git
• C. AWS EBS
• D. HTTP(S)

Answer: C

Explanation:
Linux stacks can install custom cookbooks from any of the following repository types: HTTP or Amazon S3 archives. They can be either public or private, but Amazon S3 is typically the preferred option for a private archive. Git and Subversion repositories provide source control and the ability to have multiple versions.
http://docs.aws.amazon.com/opsworks/latest/userguide/workingcookbook-installingcustom- enable.html

NEW QUESTION # 305
Two teams are working together on different portions of an architecture and are using AWS CloudFormation to manage their resources. One team administers operating system-level updates and patches, while the other team manages application-level dependencies and updates. The Application team must take the most recent AMI when creating new instances and deploying the application. What is the MOST scalable method for linking these two teams and processes?

• A. The Operating System team uses CloudFormation stack to create an AWS CodePipeline pipeline that builds new AMIs. The team then places the AMI ARNs as parameters in AWS Systems Manager Parameter Store as part of the pipeline output. The Application team specifies a parameter of type ssm in their CloudFormation stack to obtain the most recent AMI ARN from the Parameter Store.
• B. The Operating System team uses CloudFormation to create new versions of their AMIs and lists the Amazon Resource names (ARNs) of the AMIs in an encrypted Amazon S3 object as part of the stack output section. The Application team uses a cross-stack reference to load the encrypted S3 object and obtain the most recent AMI ARNs.
• C. The Operating System team maintains a nested stack that includes both the operating system and Application team templates. The Operating System team uses a stack update to deploy updates to the application stack whenever the Application team changes the application code.
• D. The Operating System team uses CloudFormation stack to create an AWS CodePipeline pipeline that builds new AMIs, then places the latest AMI ARNs in an encrypted Amazon S3 object as part of the pipeline output. The Application team uses a cross-stack reference within their own CloudFormation template to get that S3 object location and obtain the most recent AMI ARNs to use when deploying their application.

Answer: D

NEW QUESTION # 306
You have launched a cloudformation template, but are receiving a failure notification after the template was
launched. What is the default behavior of Cloudformation in such a case

• A. It will prompt the user on whether to keep or terminate the already created resources
• B. It will continue with the creation of the next resource in the stack
• C. It will rollback all the resources that were created up to the failure point.
• D. It will keep all the resources that were created up to the failure point.

Answer: C

Explanation:
Explanation
The AWS Documentation mentions
AWS Cloud Formation ensures all stack resources are created or deleted as appropriate. Because AWS
CloudFormation treats the stack resources as a single unit,
they must all be created or deleted successfully for the stack to be created or deleted. If a resource cannot be
created, AWS CloudFormation rolls the stack back and
automatically deletes any resources that were created.
For more information on Cloudformation, please refer to the below link:
* http://docs.aws.a
mazon.com/AWSCIoudFormation/latest/UserGuide/stacks.html

NEW QUESTION # 307
You run a large number of applications on Amazon EC2 instances. Each application has associated metadata, such as cost center, support contact, and application ID.
Many applications usually co-exist on each Amazon EC2 instance, so the amount of metadata per instance can range from 10 to 200 items.
The customer wants to be able to quickly access this metadata using an API without logging into the instances.
Which of the following options will satisfy their requirements? Choose 2 answers

• A. As part of the Amazon EC2 instance bootstrapping process, add the metadata to the Amazon EC2 user data.
  Access the metadata by accessing its loopback address from a management instance in the same VPC.
• B. Create a DynamoDB table to hold the metadata, and associate it with the Amazon EC2 instance IDs running the applications.
  Access the metadata by querying the database via the DynamoDB API.
• C. Create compound Amazon EC2 tags for the metadata items, where multiple items are joined together in individual tags, and associate them with the Amazon EC2 instances.
  Access the metadata by using the ec2-describe-tags API call.
• D. Create individual Amazon EC2 tags for each metadata item, and associate them with the Amazon EC2 instances.
  Access the metadata by using the ec2-describe-instance API call.
• E. As part of the Amazon EC2 Instance bootstrapping process, add the metadata to the Amazon EC2 user data.
  Access the metadata by using the ec2-describe-instance API call.

Answer: B,C

NEW QUESTION # 308
A DevOps Engineer is launching a new application that will be deployed using Amazon Route 53, an Application Load Balancer, Auto Scaling, and Amazon DynamoDB. One of the key requirements of this launch is that the application must be able to scale to meet a sudden load increase. During periods of low usage, the infrastructure components must scale down to optimize cost.
What steps can the DevOps Engineer take to meet the requirements? (Select TWO.)

• A. Use AWS Trusted Advisor to submit limit increase requests for the Amazon EC2 instances that will be used by the infrastructure.
• B. Create an Amazon CloudWatch Events scheduled rule that runs every 5 minutes to track the current use of the Auto Scaling group. If usage has changed, trigger a scale-up event to adjust the capacity.
  Do the same for DynamoDB read and write capacities.
• C. Determine which Amazon EC2 instance limits need to be raised by leveraging AWS Trusted Advisor, and submit a request to AWS Support to increase those limits.
• D. Enable Auto Scaling for the DynamoDB tables that are used by the application.
• E. Configure the Application Load Balancer to automatically adjust the target group based on the current load.

Answer: C,D

Explanation:
D is wrong because Auto Scaling can terminate and replace any instances that are reported as unhealthy not ALB.
https://aws.amazon.com/blogs/database/amazon-dynamodb-auto-scaling-performance-and-cost- optimization-at-any-scale/

NEW QUESTION # 309
An Application team has three environments for their application: development, pre-production, and production. The team recently adopted AWS CodePipeline.
However, the team has had several deployments of misconfigured or nonfunctional development code into the production environment, resulting in user disruption and downtime. The DevOps Engineer must review the pipeline and add steps to identify problems with the application before it is deployed.
What should the Engineer do to identify functional issues during the deployment process? (Choose two.)

• A. Add an AWS CodeDeploy action in the pipeline to deploy the latest version of the development code to pre-production. Add a manual approval action in the pipeline so that the QA team can test and confirm the expected functionality. After the manual approval action, add a second CodeDeploy action that deploys the approved code to the production environment.
• B. Using AWS CodeBuild to add a test action to the pipeline to replicate common user activities and ensure that the results are as expected before progressing to production deployment.
• C. Create an AWS CodeDeploy action in the pipeline with a deployment configuration that automatically deploys the application code to a limited number of instances. The action then pauses the deployment so that the QA team can review the application functionality. When the review is complete, CodeDeploy resumes and deploys the application to the remaining production Amazon EC2 instances.
• D. After the deployment process is complete, run a testing activity on an Amazon EC2 instance in a different region that accesses the application to simulate user behavior. If unexpected results occur, the testing activity sends a warning to an Amazon SNS topic. Subscribe to the topic to get updates.
• E. Use Amazon Inspector to add a test action to the pipeline. Use the Amazon Inspector Runtime Behavior Analysis Inspector rules package to check that the deployed code complies with company security standards before deploying it to production.

Answer: C,E

NEW QUESTION # 310
A company is using AWS CodeDeploy to automate software deployment. The deployment must meet these requirements:
* A number of instances must be available to serve traffic during the deployment. Traffic must be balanced across those instances, and the instances must automatically heal in the event of failure.
* A new fleet of instances must be launched for deploying a new revision automatically, with no manual provisioning.
* Traffic must be rerouted to the new environment to half of the new instances at a time. The deployment should succeed if traffic is rerouted to at least half of the instances; otherwise, it should fail.
* Before routing traffic to the new fleet of instances, the temporary files generated during the deployment process must be deleted.
* At the end of a successful deployment, the original instances in the deployment group must be deleted immediately to reduce costs.
How can a DevOps Engineer meet these requirements?

• A. Use an Application Load Balancer and a blue/green deployment. Associate the Auto Scaling group and the Application Load Balancer target group with the deployment group. Use the Automatically copy Auto Scaling group option, and use CodeDeployDefault HalfAtAtime as the deployment configuration.
  Instruct AWS CodeDeploy to terminate the original isntances in the deployment group, and use the BeforeAllowTraffic hook within appspec.yml to delete the temporary files.
• B. Use an Application Load Balancer and an in-place deployment. Associate the Auto Scaling group and Application Load Balancer target group with the deployment group. Use the Automatically copy Auto Scaling group option, and use CodeDeployDefault AllatOnce as a deployment configuration. Instruct AWS CodeDeploy to terminate the original instances in the deployment group, and use the BlockTraffic hook within appsec.yml to delete the temporary files.
• C. Use an Application Load Balancer and a blue/green deployment. Associate the Auto Scaling group and the Application Load Balancer target group with the deployment group. Use the Automatically copy Auto Scaling group option, create a custom deployment configuration with minimum healthy hosts defined as 50%, and assign the configuration to the deployment group. Instruct AWS CodeDeploy to terminate the original instances in the deployment group, and use the BeforeBlock Traffic hook within appsec.yml to delete the temporary files.
• D. Use an Application Load Balancer and an in-place deployment. Associate the Auto Scaling group with the deployment group. Use the Automatically copy Auto Scaling group option, and use CodeDeployDefault.OneAtAtime as the deployment configuration. Instruct AWS CodeDeploy to terminate the original instances in the deployment group, and use the AllowTraffic hook within appspec.yml to delete the temporary files.

Answer: D

NEW QUESTION # 311
You need to deploy an AWS stack in a repeatable manner across multiple environments. You have selected CloudFormation as the right tool to accomplish this, but have found that there is a resource type you need to create and model, but is unsupported by CloudFormation. How should you overcome this challenge?

• A. Submit a ticket to the AWS Forums. AWS extends CloudFormation Resource Types by releasing tooling to the AWS Labs organization on GitHub. Their response time is usually 1 day, and they complete requests within a week or two.
• B. Instead of depending on CloudFormation, use Chef, Puppet, or Ansible to author Heat templates, which are declarative stack resource definitions that operate over the OpenStack hypervisor and cloud environment.
• C. Create a CloudFormation Custom Resource Type by implementing create, update, and delete functionality, either by subscribing a Custom Resource Provider to an SNS topic, or by implementing the logic in AWS Lambda.
• D. Use a CloudFormation Custom Resource Template by selecting an API call to proxy for create, update, and delete actions. CloudFormation will use the AWS SDK, CLI, or API method of your choosing as the state transition function for the resource type you are modeling.

Answer: C

Explanation:
Custom resources provide a way for you to write custom provisioning logic in AWS CloudFormation template and have AWS CloudFormation run it during a stack operation, such as when you create, update or delete a stack. For more information, see Custom Resources.
Reference:
http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/template-customresources.html

NEW QUESTION # 312
......

Grab latest Amazon AWS-DevOps Dumps as PDF Updated: https://exams4sure.pdftorrent.com/AWS-DevOps-latest-dumps.html